Requirements and Recommendations before installing SCCM 2012 R2

Benoit LecoursSCCM28 Comments

Download and own part 1 to 21 of the SCCM Installation Guide in a single PDF file.

The PDF file is a 162 pages document that contains all informations to install and configure SCCM 2012 R2 or SCCM 1511 and later (Current Branch). Use our products page or use the button below to download it .

Icon Info

This blog post applies to both SCCM 2012 R2 , SCCM 1511 and later.

In the first part of SCCM 2012 and SCCM 1511 blog series, we will cover SCCM installation prerequisites most specifically hardware requirements, design recommendations and server prerequisites.

Hardware Requirements

The hardware requirements for a Primary Site server largely depends on the features that are enabled, and how each of the components is utilized. When the number of clients grows and changes, the server hardware requirements change accordingly. For the initial deployment, hardware requirements can be estimated for each server by determining:

  • The overall need for each component (Will you do Operating System Deployment ? How many daily software deployments ? Is Inventory and reporting is important for your organisation ? Will you manage Internet Client ?)
  • The number of clients planned to be installed
  • The load on each of installed SCCM components

In general, medium environments (couple thousand clients) should consider the following recommendations when planning hardware:

  • SCCM and SQL Server communicate constantly. We recommend that the main database and SQL Server be installed on the Primary site server. This is fully debatable and we understand that some organisation try to standardize their SQL distribution. Performance are simply better using a local installation when configured properly
  • Neither the SCCM site nor the SQL database should share their disks with other applications
  • Configure the SQL Server databases and logs to run on a different disk than the disk where the SCCM database is located.

Another issue to consider when determining hardware requirements for a site servers is the total amount of data that will be stored in the database. To estimate the required database size for a single site, an approximate figure of 5Mb to 10Mb per client is typically used.

In our setup, we will install a single Primary Site that has the role of  Management Point, Reporting Point, Distribution Point, PXE Service Point, State Migration Point, Fallback Status Point and Software Update Point. SQL Reporting Services will be used to provide consolidated reporting for the hierarchy. This role will also be installed on the SCCM Server. Running reports can have an impact on server CPU and memory utilization, particularly if large poorly structured queries are executed as part of the report generation.

Consider placing client facing role (Distribution Point, Reporting Point) on separate server in order to reduce load on your Primary server.

Here’s our recommended reading about hardware requirements:

SCCM 1511

SCCM 2012

We strongly recommend that you understand SQL Server before installing SCCM. Talk and have a good relation with your DBA if you have one in your organisation.

Here’s our recommended reading  about SQL :


For this post,  our servers runs Windows 2012 R2 with latest security patches


Disks IOs is the most important aspect of SCCM performance. We recommend to configure the disks following SQL Best practice. Split the load on different drive. When formatting SQL drives, the cluster size (block size) in NTFS must be 64KB instead of the default 4K. See the previous recommended reading to achieve this.

E:\SQL Database (64K)40GB
F:\SQL TempDB (64K)40GB
G:\SQL Transaction Logs (64K)
SQL TempDB Logs

Primary Site server prerequisites

Once your hardware is carefully planned, we can now prepare our environment and server before SCCM Installation.

Active directory schema extension

You need to extend the Active Directory Schema only if you didn’t have a previous installation of SCCM in your domain. If you have SCCM 2007 already installed and planing a migration, skip this step.

  • Logon to a server with an account that is a member of Schema Admins security group
  • From SCCM ISO run .\SMSSETUP\BIN\X64\extadsch.exe

sccm 2012 r2 installation prerequisites

  • Check schema extension result, open Extadsch.log located in the root of the system drive

sccm 2012 r2 installation prerequisites

Create the System Management Container

Configuration Manager does not automatically create the System Management container in Active Directory Domain Services when the schema is extended. The container must be created one time for each domain that includes a Configuration Manager primary site server or secondary site server that publishes site information to Active Directory Domain Services

  • Start ADSIEdit, go to the System container and create a new Object

sccm 2012 r2 installation prerequisites

  • Select Container

sccm 2012 r2 installation prerequisites

  • Enter System Management

sccm 2012 r2 installation prerequisites

Set security permission

  • Open properties of the container System Management created previously

sccm 2012 r2 installation prerequisites

  • In the Security tab, add the site server computer account and Grant the Full Control permissions

sccm 2012 r2 installation prerequisites

  • Click Advanced, select the site server’s computer account, and then click Edit
  • In the Applies to list, select This object and all descendant objects
  • Click OK and close the ADSIEdit console

SCCM Accounts

Create the necessary accounts and group created before installation. You can use different name but i’ll refer to these names throughout the guide.

  • SQL server services account – SCCM-SQLService
  • SCCM Network Access Account – SCCM-NAA
  • Domain user account for use SCCM client push install  – SCCM-ClientPush
  • Domain user account for use with reporting services User – SCCM-SQLReporting
  • Domain account used to join machine to the domain during OSD – SCCM-DomainJoin
  • Domain group containing all SCCM Admins Group – SCCM-Admins
  • Domain group containing all SCCM servers in the hierarchy Group – SCCM-SiteServers

Network Configuration

  • Make sure that the server has a fix IP and that internet connection is up

Firewall Configuration

  • Make sure the firewall service is ON

Run this script in an elevated command prompt order to open the necessary ports needed for SCCM.

** If you are using custom ports, change the values before running the script. **

[pastacode lang=”markup” message=”” highlight=”” provider=”manual” manual=”%40echo%20%3D%3D%3D%3D%3D%3D%3D%3D%3D%20SQL%20Server%20Ports%20%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0A%40echo%20Enabling%20SQLServer%20default%20instance%20port%201433%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SQL%20Server%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D1433%0A%40echo%20Enabling%20Dedicated%20Admin%20Connection%20port%201434%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SQL%20Admin%20Connection%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D1434%0A%40echo%20Enabling%20conventional%20SQL%20Server%20Service%20Broker%20port%204022%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SQL%20Service%20Broker%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D4022%0A%40echo%20Enabling%20Transact-SQL%20Debugger%2FRPC%20port%20135%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SQL%20Debugger%2FRPC%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D135%0A%40echo%20%3D%3D%3D%3D%3D%3D%3D%3D%3D%20Analysis%20Services%20Ports%20%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0A%40echo%20Enabling%20SSAS%20Default%20Instance%20port%202383%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22Analysis%20Services%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D2383%0A%40echo%20Enabling%20SQL%20Server%20Browser%20Service%20port%202382%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SQL%20Browser%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D2382%0A%40echo%20%3D%3D%3D%3D%3D%3D%3D%3D%3D%20Misc%20Applications%20%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0A%40echo%20Enabling%20HTTP%20port%2080%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22HTTP%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D80%0A%40echo%20Enabling%20SSL%20port%20443%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SSL%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D443%0A%40echo%20Enabling%20port%20for%20SQL%20Server%20Browser%20Service’s%20’Browse’%20Button%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22SQL%20Browser%22%20dir%3Din%20action%3Dallow%20protocol%3DTCP%20localport%3D1434%0A%40echo%20Allowing%20Ping%20command%0Anetsh%20advfirewall%20firewall%20add%20rule%20name%3D%22ICMP%20Allow%20incoming%20V4%20echo%20request%22%20protocol%3Dicmpv4%3A8%2Cany%20dir%3Din%20action%3Dallow”/]


Place a file name no_sms_on_drive.sms on the root drive of each drive you don’t want SCCM to put content on.

Windows Server Features

On the Primary site server, the following components must be installed before SCCM installation. We’ll install all these components using a PowerShell script.

  • .Net Framework 3.51 SP1
  • .Net Framework 4
  • IIS
  • Remote Differential Compression
  • BITS Server Extension
  • WSUS 3.0 SP2
  • Report Viewer
  • ADK for Windows 8.1

Roles and features

On the Site Sever computer, open a PowerShell command prompt as an administrator and type the following commands. This will install the required features without having to use the Windows 2012 GUI.

[pastacode lang=”markup” message=”” highlight=”” provider=”manual” manual=”Get-Module%20servermanager%0AInstall-WindowsFeature%20Web-Windows-Auth%0AInstall-WindowsFeature%20Web-ISAPI-Ext%0AInstall-WindowsFeature%20Web-Metabase%0AInstall-WindowsFeature%20Web-WMI%0AInstall-WindowsFeature%20BITS%0AInstall-WindowsFeature%20RDC%0AInstall-WindowsFeature%20NET-Framework-Features%20-source%20%5C%5Cyournetwork%5Cyourshare%5Csxs%0AInstall-WindowsFeature%20Web-Asp-Net%0AInstall-WindowsFeature%20Web-Asp-Net45%0AInstall-WindowsFeature%20NET-HTTP-Activation%0AInstall-WindowsFeature%20NET-Non-HTTP-Activ”/]

Ensure that all component are showing as SUCCESS as an EXIT Code. It’s normal to have Windows Update warnings at this point.

sccm 2012 r2 installation prerequisites

Report Viewer

Download and install – here

ADK for Windows 8.1

Download and install – here

  • Select the default path

sccm 2012 r2 installation prerequisites

  • Do not join CEIP

sccm 2012 r2 installation prerequisites

  • Accept the License Agreement

sccm 2012 r2 installation prerequisites

  • Install the following components
    • Deployment Tools
    • Windows Pre-installation Environment
    • User state Migration tool

sccm 2012 r2 installation prerequisites

Active Directory

  • Add the computer account of all your site servers in the SCCM-SiteServers AD group
  • Ensure that the group has Full Control on the SYSTEM Container in Active Directory

Local Admin accounts

Add both SCCM computer account and the SCCM Admin account to the local administrator group on the site server.

  • SCCM-Admins
  • SCCM-SiteServers

SCCM 2007 Client

If applicable, uninstall SCCM 2007 client and FEP if present on the server before the installation. If the client is present, the 2012 SCCM Management Point installation will fail.

Windows Updates

Run windows update and patch your server to the highest level

Your server is now ready for the SQL installation.

Overview | SCCM 2012 R2 Step-by-Step Installation Guide

Next Part | How to install SQL 2012 before installing SCCM 2012 R2

  sccm 2012 r2 installation prerequisites

Founder of System Center Dudes. Based in Montreal, Canada, Senior Microsoft SCCM Consultant, 4 times Enterprise Mobility MVP. Working in the industry since 1999. His specialization is designing, deploying and configuring SCCM, mass deployment of Windows operating systems, Office 365 and Intunes deployments.

28 Comments on “Requirements and Recommendations before installing SCCM 2012 R2”

  1. I am trying to get it across two forests but cant get anything to show up in the second System container after extended the schema, is there a way to add it manually?

  2. Hello,
    Is BITS mandatory for SCCM CB?
    I am asking as we have a conflict between IIS and an application web site when IIS is enabled… As if I enable BITS IIS got enabled it is an issue for us…
    Let me know


  3. Hi Benoit,

    Looking for some advice on an installation I’ve been asked to do and your opinion on what the best solution is. (The business currently has no Config Mgr in place)

    The current Infrastructure (at a high-level) is:
    1 x DataCentre (offsite from Head office)

    1 x Head Office (servicing about 200 devices, imaging may be done from here)

    400 x Remote Offices (standard Remote Office is 1 x Hypervisor, 1 x Virtual DC, 8 x workstations, link speed will depend on what is available in the area)

    I am trying to determine what type of Heirachy I should go with. My initial thought was a Primary Site at the DataCentre (including a Distribution Point to service Remote Offices and another Distribution Point at the Head Office to support workers there.

    I think this is best suited to our infrastructure, but I wanted to entirely rule out a CAS model, with a Primary site and adding the Remote Offices as Secondary sites as the onsite server has capacity and could rebuild devices locally.

  4. Hello, in Part 1 5.6 (Firewall Configuration) you mention that you should run “this” script in elevated command prompt in order to open the necessary ports needed in SCCM. Where is “this” script? It immediately goes to 5.7.
    Please advise.

  5. Pingback: Miniseriál o SCCM (System Center Configuration Manager)- díl 3. SCCM 2012 R2 – Instalace SQL serveru – IT-News von PC-Meister

  6. Pingback: Miniseriál o SCCM (System Center Configuration Manager)- díl 3. SCCM 2012 R2 – Instalace SQL serveru – Christopher Golden Blog

  7. Hello,
    I’ve a question about the users :

    SQL server services account – SCCM-SQLService
    SCCM Network Access Account – SCCM-NAA
    Domain user account for use SCCM client push install – SCCM-ClientPush
    Domain user account for use with reporting services User – SCCM-SQLReporting
    Domain account used to join machine to the domain during OSD – SCCM-DomainJoin
    Domain group containing all SCCM Admins Group – SCCM-Admins
    Domain group containing all SCCM servers in the hierarchy Group – SCCM-SiteServers

    Which AD Rights they need? It’s enough to create standard users or they need special AD Rights?
    For Example, I think that SCCM-ClientPush has to be a LOCAL ADMIN on domain computers right?

  8. Your guide is truly top notch! Could you comment on how the install occurs in an environment where the ads schema is NOT extended? I’m certain that it can work but not certain what additional steps or configurations are needed for this scenario to work.

  9. SCCM Accounts

    Create the necessary accounts and group created before installation. You can use different name but i’ll refer to these names throughout the guide.

    Do I really need to create all these groups and users, below, for a single site supporting 500 devices tops? What happens if I just use one SCCM user account and set the SQL DB up Local System?

    SQL server services account – SCCM-SQLService
    SCCM Network Access Account – SCCM-NAA
    Domain user account for use SCCM client push install – SCCM-ClientPush
    Domain user account for use with reporting services User – SCCM-SQLReporting
    Domain account used to join machine to the domain during OSD – SCCM-DomainJoin
    Domain group containing all SCCM Admins Group – SCCM-Admins
    Domain group containing all SCCM servers in the hierarchy Group – SCCM-SiteServers

  10. Do we need to set up a new share for this ?
    “Install-WindowsFeature NET-Framework-Features -source \\yournetwork\yourshare\sxs”
    Or is this pointing to source files ?
    Sorry for the lame question.

    1. You don’t need a share for this; you can point it to the Server 2012 R2 install DVD (or mounted ISO). If mounted to D:\ just set
      -source D:\sources\sxs

  11. • Your link to report viewer is to a French Microsoft page and is for report viewer 2010… shouldn’t we be using a newer version?
    • You don’t list how to install wsus 3.0 sp2 and shouldn’t we be installing wsus 4.0?

  12. Pingback: SCCM Deploy – Post 1. Setting up VMware AD and SCCM 1511

  13. Pingback: SCCM Deploy – Post 4. Setup SCCM 2012 1511

  14. Neat guide, I’ll be using it to upgrade our system from running on a 2008 R2 server to 2012 R2.

    But I have a question in regards to the disk requirements. We use a similar setup on our primary site (though with the SQL on it’s own server) and our D: drive is currently using 750GB+. The server is not set up as a DP but it still seems to have a copy of all our packages and applications (which is A LOT, with many big CAD programs).

    Is this normal and should we just make the new server with 1-1.5TB, or are we doing something wrong?


  15. I’m looking to do a fresh install of SCCM 2012 R2 SP1 so that I can migrate our current setup that’s running on Server 2008 R2 with SQL Server 2008. I was planning to do the new install on a Hyper-V server that I have available. The Hyper-V storage is local and is setup as one big RAID10 on SATA disks. Do I still need to create the additional 5 disks for the Hyper-V server (as per your recommendation), or do I just install everything on single disk?

    Many thanks.

  16. Pingback: Part 1 - Requirements and recommendations before installing SCCM 2012 R2 - SLR-Corp

  17. Currently running SCCM 2012 R2 on Windows Server 2012 R2. Any attempt to install SCCM 2012 R2 SP1 nets an error message saying that SCCM 2012 has to be running – Did Microsoft error in publishing the SCCM 2012 R2 SP1?

    1. It constantly amazes me just how blog writers for example your self can find some time plus the dedication to keep on writing terrific blogposts. Your site iswonderful and one of my own ought to read blogs and forums. I just wanted to thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *